11-23-2012 09:50 AM - edited 02-21-2020 06:30 PM
11-29-2012 09:24 AM
You can use match tunnel-group in MPF on ASA.
Please refer to configuration guide:
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/conns_qos.html
12-10-2012 12:13 PM
Sorry to the late reply.
My question is like, set a maximum number of traffic a IPsec user can use from the tunnel. For instance, 10 G a week.
I didnt find your document has a relavent part to it. Correct me if I am wrong.
thanks,
Han
12-15-2012 11:38 PM
Hi Han,
I don't see myself possibility to do that.
You can limit data transferred in one IPSEC SPI before renegotiation using
crypto ipsec security-association
but this is not what you are looking for.
I guess if you really want to achieve it you would need to use some external script going to ASA periodically through SSH and parsing output of some show commands.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: